Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2019-2343

    Out of bound read and information disclosure in firmware due to insufficient checking of an embedded structure that can be sent from a kernel driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indus... Read more

    • Published: Jul. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2330

    improper input validation in allocation request for secure allocations can lead to page fault. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, S... Read more

    • Published: Jul. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2318

    Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result into DOS in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired ... Read more

    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2236

    Null pointer dereference during secure application termination using specific application ids. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IO... Read more

    • Published: Jul. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2240

    While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdrago... Read more

    • Published: Jul. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2241

    While rendering the layout background, Error status check is not caught properly and also incorrect status handling is being done leading to unintended SUI behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Elec... Read more

    • Published: Jul. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2229

    In updateWidget of BaseWidgetProvider.java, there is a possible leak of user data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploit... Read more

    Affected Products : android
    • Published: Dec. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2239

    Sanity checks are missing in layout which can lead to SUI Corruption or can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Indust... Read more

    • Published: Jul. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2226

    In device_class_to_int of device_class.cc, there is a possible out of bounds read due to improper casting. This could lead to local information disclosure in the Bluetooth server with User execution privileges needed. User interaction is not needed for ex... Read more

    Affected Products : android
    • Published: Dec. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2196

    In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Androi... Read more

    Affected Products : android
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2179

    In NDEF_MsgValidate of ndef_utils in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction ... Read more

    Affected Products : android
    • Published: Sep. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2180

    In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User in... Read more

    Affected Products : android
    • Published: Sep. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-4081

    crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2012
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2019-2101

    In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for explo... Read more

    Affected Products : android ubuntu_linux debian_linux
    • Published: Jun. 07, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-2056

    There is a possible disclosure of RAM using a shared crypto key due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android... Read more

    Affected Products : android
    • Published: Apr. 17, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-37674

    Cross Site Scripting vulnerability in Moodle CMS v3.10 allows a remote attacker to execute arbitrary code via the Field Name (name parameter) of a new activity.... Read more

    Affected Products : moodle
    • Published: Jun. 20, 2024
    • Modified: Jun. 13, 2025

  • 5.5

    MEDIUM
    CVE-2017-11183

    front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter.... Read more

    Affected Products : glpi
    • Published: Jul. 28, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-4976

    Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing.... Read more

    Affected Products : ambari
    • Published: Mar. 29, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-9601

    ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embed... Read more

    Affected Products : debian_linux gpl_ghostscript jbig2dec
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2025-55288

    Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Reflected Cross-Site Scripting (XSS) vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, lea... Read more

    Affected Products : genealogy
    • Published: Aug. 18, 2025
    • Modified: Sep. 03, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 293505 Results